CVE-2024-22625 | Complete Supplier Management System 1.0 edit_category.php id sql injection

Inserito da Angelo Barbosa | Gen 16, 2024 | CVE

A vulnerability, which was classified as critical, was found in Complete Supplier Management System 1.0. Affected is an unknown function of the file /Supply_Management_System/admin/edit_category.php. The manipulation of the argument id leads to sql injection.

This vulnerability is traded as CVE-2024-22625. Access to the local network is required for this attack to succeed. There is no exploit available.

CVE-2024-22625 | Complete Supplier Management System 1.0 edit_category.php id sql injection

Post correlati

CVE-2023-6072 | Trellix Central Management prior 9.1.3.97129 CM Dashboard cross site scripting

CVE-2023-50477 | NOS Client 0.6.6 getRPCEndpoint.js Privilege Escalation (Issue 1485)

CVE-2024-24939 | JetBrains Rider prior 2023.3.3 Environment Variable log file

CVE-2024-6540 | OTRS up to 8.0.x/2023.x/2024.4.x Ticket improper filtering of special elements